CJSpector: A Novel Cryptojacking Detection Method Using Hardware Trace and Deep Learning

Qianjin Ying, Yulei Yu, Donghai Tian*, Xiaoqi Jia, Rui Ma, Changzhen Hu

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

8 Citations (Scopus)

Abstract

With the increasing value of digital cryptocurrency in recent years, the digital cryptocurrency mining industry is becoming prosperous. However, this industry has also gained attention from adversaries who exploit users’ computers to mine cryptocurrency covertly. To detect cryptojacking attacks, many static and dynamic methods are proposed. However, the existing solutions still have some limitations in terms of effectiveness, performance, and transparency. To address these issues, we present CJSpector, a novel hardware-based approach for cryptojacking detection. This method first leverages the Intel Processor Trace mechanism to collect the run-time control flow information of a web browser. Next, CJSpector makes use of two optimization approaches based on the library functionality and information gain to preprocess the control flow information. Finally, it leverages Recurrent Neural Network (RNN) for cryptojacking detection. The evaluation shows that our method can detect in-browser covert cryptocurrency mining effectively and transparently with a small performance cost.

Original languageEnglish
Article number31
JournalJournal of Grid Computing
Volume20
Issue number3
DOIs
Publication statusPublished - Sept 2022

Keywords

  • Control flow
  • Cryptojacking detection
  • Intel processor trace
  • RNN

Fingerprint

Dive into the research topics of 'CJSpector: A Novel Cryptojacking Detection Method Using Hardware Trace and Deep Learning'. Together they form a unique fingerprint.

Cite this